| From: | ugurlu2001(at)hotmail(dot)com |
|---|---|
| To: | pgsql-bugs(at)postgresql(dot)org |
| Subject: | BUG #13607: Creating "Readonly" User for public Shema. |
| Date: | 2015-09-02 14:45:58 |
| Message-ID: | 20150902144558.1367.52135@wrigleys.postgresql.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-bugs |
The following bug has been logged on the website:
Bug reference: 13607
Logged by: Ugur YILMAZ
Email address: ugurlu2001(at)hotmail(dot)com
PostgreSQL version: 9.4.0
Operating system: Widows 10 Pro x64
Description:
I was create a readonly user on a testdb for my new project. There are two
user types at the project: postgres and readonly. The postgres user is
working in my program with admin rights and handling all concepts
(Transactions, Create, Drop, Maintenance etc...) . And I added readonly user
to my project; protect my tables against sql injections. readonly user only
runs SELECT STATEMENTS for reports. But when I test some tables; There is no
protect of my tables against "ALTER TABLE" commands. I think; that is an
importand bug on PostgreSQL. I hope you can add "ALTER" keyword for
"GRANT/REVOKE" command to PostgreSQL The script at the abouve that I used :
With my best regards.
CREATE ROLE readonly LOGIN PASSWORD 'thePwd';
-- Existing objects
GRANT CONNECT ON DATABASE the_db TO readonly;
GRANT USAGE ON SCHEMA public TO readonly;
GRANT SELECT ON ALL TABLES IN SCHEMA public TO readonly;
GRANT SELECT ON ALL SEQUENCES IN SCHEMA public TO readonly;
GRANT EXECUTE ON ALL FUNCTIONS IN SCHEMA public TO readonly;
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Andres Freund | 2015-09-02 16:55:13 | Re: BUG #13440: unaccent does not remove all diacritics |
| Previous Message | Vicky Soni - Quipment India | 2015-09-02 12:21:38 | Re: BUG #13601: bit as quoted column in output |